Support for PGP cv25519 encryption keys

joemiller / yk-attest-verify

Verify and assert policy on YubiKey attestation certificates

Apache License 2.0

17 stars 2 forks source link

Support for PGP cv25519 encryption keys #25

Open lxp opened 2 years ago

lxp commented 2 years ago

Verifying the attestation for PGP ed25519 signing and authentication keys works as intended. However, PGP cv25519 encryption keys cannot be verified and result in the following error:

$ docker run --rm -it -v $(pwd)/att:/att:ro joemiller/yk-attest-verify pgp /att/att-statement-enc.pem /att/att-cert.pem --allowed-slots=enc
Error: x509: unsupported elliptic curve

joemiller commented 2 years ago

@lxp Thanks for the report. I am not as familiar with cv25519 as ed25519. Can you provide any steps that might help me quickly setup a good test case here? tnx